» dawn of the planet of the apes american hq movie download online.exe
Overview
Analysis
File Details

dawn of the planet of the apes american hq movie download online.exe

Igor Kostеnko

The application dawn of the planet of the apes american hq movie download online.exe, “Installer for ClearAsky Installer” by Igor Kostеnko has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Tarma Installer installer.

File name:

Publisher:

ClearAsky Installer (signed by Igor Kostеnko)

Product:

ClearAsky Installer

Description:

Installer for ClearAsky Installer

Version:

2014.7.12.1336

MD5:

699a71a5af33b7d226fa5eff04dd9ee5

SHA-1:

d43a3b6d58dc61b73ec4223a0cc2eda390ab833e

SHA-256:

bc6d4ba5fd8fbc706a05672566a70ad583449100ee1ad9207c0697ed25caf2ea

Scanner detections:

1 / 68

Status:

Adware

Explanation:

Uses Web-Pick's 'File Product', an Installer which wraps various products and downloads and installs it silently through the process, hosted on TusFiles.

Analysis date:

5/15/2024 9:04:42 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

Adware (M)

17.2.28.14

File size:

314.2 KB (321,784 bytes)

Product version:

1.0.0.3

Original file name:

TSULoader.exe

File type:

Executable application (Win32 EXE)

Installer:

Tarma Installer

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\dawn of the planet of the apes american hq movie download online.exe

Digital Signature

Signed by:

Igor Kostеnko

Authority:

Unizeto Technologies S.A.

Valid from:

6/26/2014 7:12:25 AM

Valid to:

6/26/2015 7:12:25 AM

Subject:

E=igor.kostenko.1968@list.ru, CN=Igor Kostеnko, O=Igor Kostеnko, C=UA

Issuer:

CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:

73D7EEFE98832175BCF7B05E053D7063

File PE Metadata

Compilation timestamp:

3/12/2013 4:51:45 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x14DB

Entry point:

55, 8B, EC, 81, EC, 2C, 06, 00, 00, 53, 56, 33, DB, 57, 66, 89, 9D, DC, FB, FF, FF, 89, 5D, F4, 89, 5D, FC, FF, 15, 74, 30, 40, 00, A3, 08, 44, 40, 00, FF, 15, 70, 30, 40, 00, 8B, F8, 8D, 45, EC, 50, FF, 15, 6C, 30, 40, 00, FF, 15, 68, 30, 40, 00, 8B, F0, F7, D6, 33, F7, FF, 15, 64, 30, 40, 00, 33, F0, 8B, 45, F0, 33, 45, EC, 68, 04, 01, 00, 00, 33, F0, 8D, 85, D4, F9, FF, FF, 50, 53, FF, 15, 60, 30, 40, 00, 85, C0, 75, 41, FF, 15, 5C, 30, 40, 00, 83, F8, 78, 75, 1A, 68, A8, 32, 40, 00, E8, 43, FB, FF, FF... 
[+]

Entropy:

7.9535

Developed / compiled with:

Microsoft Visual C++

Code size:

7.5 KB (7,680 bytes)

Remove dawn of the planet of the apes american hq movie download online.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.